South Korea Police confirmed the involvement of hackers related to the intelligence of North Korea in a large prediction of Ethereum cryptocurrency in 2019. The amount of stolen assets at that time was estimated at $41.5 million.
More than half of the stolen funds were washed through 3 crypto-laundering channels created by the hackers themselves. The remaining funds were distributed among 51 platforms. The criminals breached the crypto exchange where Ethereum was stored, and made off with 342,000 ETH. Today, the value of the stolen assets exceeds $1 billion.
Although the statement does not specify the name of the exchange, in 2019 the South Korean Exchange Upbit reported an unauthorized transfer of 342,000 ETH to an unknown wallet. It is unclear if these two incidents are connected.
An investigation revealed that the attack was orchestrated by Lazarus and Andariel groups, both linked to North Korean intelligence. The conclusion was drawn from an analysis of IP addresses and tracking the movement of assets. This marked the first time North Korea was officially named as the source of a cyber attack on a South Korean crypto exchange.
Law enforcement successfully traced 4.8 BTC transferred to a Swiss crypto exchange. In October, the assets were repatriated to the South Korean platform, now valued at approximately $427,800. North Korea has denied any involvement in cyber attacks and cryptocurrency theft.
According to the UN, from 2017 to 2024, North Korean hackers conducted 97 cyber attacks on cryptocurrency companies, causing an estimated $3.6 billion in damages. Among these attacks was the breach of the HTX crypto exchange in November 2023, where hackers stole $147.5 million and laundered the funds in March 2024.